• Description

Description

Security Hub is a container-based micro service written in Nest.js on the BE side and a single page application written in Angular on the front side. The fronend is compiled and delivered through Nest.js as static assets (HTML, CSS, JS). PostgreSQL is used as a database management system. Underlying the Nest.js service is a Hashicorp Vault process, which is written in go.

While problems theoretically can occur everywhere, realistically main risk areas are failed updates to new versions and during development not discovered bugs in the application code.

List of possible scenarios:

• Risk: Nest.js runtime issues
• Probability: 2/10
• Solution: Automatic restart the Node.js instance (through e.g. Docker Compose)

• Risk: Frontend runtime issues
• Probability: 1/10
• Solution: Automatic restart the Node.js instance(through e.g. Docker Compose)

• Risk: Bug in DB (PostgreSQL)
• Probability: 1/10
• Solution: Automatic restart PostgreSQL (through e.g. Docker Compose)

• Risk: Bug in code (frontend or backend)
• Probability: 3/10
• Solution: Blue Green Deployment *1
• start two environments (Docker Compose)
• Apache / Nginx as load balancer / reverse proxy (minor configuration needed)
• Blue is production, green is staging. After successful testing change the configuration of the reverse proxy.
• DB synchronisation can be achieved in a number of ways and a deeper requirements analyses is needed. (Overview can be found e.g. here https://www.postgresql.org/docs/current/different-replication-solutions.html)

• Risk: Update issues (DB migrations, missing/incompatible packages, etc.)
• Probability: 3/10
• Solution: Blue Green Deployment, see above

* 1 Blue Green Deployment is an essential DevOps practice that improves software applications’ performance, reliability, and scalability by allowing them to run two identical production environments simultaneously. This method allows any updates to the main application to be tested in a separate environment before being deployed into production. This helps ensure new features or bug fixes don’t cause unexpected issues or disruptions. It also allows for the continuous availability of the application since, if there is a problem with one environment, the other can take over without service interruption or loss of data integrity.

Further Reading:

• https://devops.stackexchange.com/questions/11173/blue-green-deployment-db-transactions-management
• https://martinfowler.com/bliki/BlueGreenDeployment.html
• https://hevodata.com/learn/postgresql-master-slave-replication/

Back to Documentation

Back to Home Page